From d7050b44243dbe0d1c74c0c1258756f497e8c1a4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 4 Oct 2009 16:43:39 +0000 Subject: [PATCH] Fix warnings about ignoring fgets return value --- apps/ca.c | 14 ++++++++++++-- apps/enc.c | 7 ++++++- apps/openssl.c | 3 ++- apps/req.c | 6 ++++-- crypto/ui/ui_openssl.c | 11 +++++++---- fips/fipsld | 5 +++++ 6 files changed, 36 insertions(+), 10 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index 7bd229139e..7fc2d57666 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1249,7 +1249,12 @@ bad: BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total); (void)BIO_flush(bio_err); buf[0][0]='\0'; - fgets(buf[0],10,stdin); + if (!fgets(buf[0],10,stdin)) + { + BIO_printf(bio_err,"CERTIFICATION CANCELED: I/O error\n"); + ret=0; + goto err; + } if ((buf[0][0] != 'y') && (buf[0][0] != 'Y')) { BIO_printf(bio_err,"CERTIFICATION CANCELED\n"); @@ -2101,7 +2106,12 @@ again2: BIO_printf(bio_err,"Sign the certificate? [y/n]:"); (void)BIO_flush(bio_err); buf[0]='\0'; - fgets(buf,sizeof(buf)-1,stdin); + if (!fgets(buf,sizeof(buf)-1,stdin)) + { + BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED: I/O error\n"); + ok=0; + goto err; + } if (!((buf[0] == 'y') || (buf[0] == 'Y'))) { BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n"); diff --git a/apps/enc.c b/apps/enc.c index f4f9a4c4a4..8f5e5b8935 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -226,7 +226,12 @@ int MAIN(int argc, char **argv) goto bad; } buf[0]='\0'; - fgets(buf,sizeof buf,infile); + if (!fgets(buf,sizeof buf,infile)) + { + BIO_printf(bio_err,"unable to read key from '%s'\n", + file); + goto bad; + } fclose(infile); i=strlen(buf); if ((i > 0) && diff --git a/apps/openssl.c b/apps/openssl.c index 7d2b476cf0..8e2d8dd569 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -333,7 +333,8 @@ int main(int Argc, char *Argv[]) else prompt="OpenSSL> "; fputs(prompt,stdout); fflush(stdout); - fgets(p,n,stdin); + if (!fgets(p,n,stdin)) + goto end; if (p[0] == '\0') goto end; i=strlen(p); if (i <= 1) break; diff --git a/apps/req.c b/apps/req.c index 5ed08960c1..314197de83 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1538,7 +1538,8 @@ start: buf[0]='\0'; if (!batch) { - fgets(buf,sizeof buf,stdin); + if (!fgets(buf,sizeof buf,stdin)) + return 0; } else { @@ -1596,7 +1597,8 @@ start: buf[0]='\0'; if (!batch) { - fgets(buf,sizeof buf,stdin); + if (!fgets(buf,sizeof buf,stdin)) + return 0; } else { diff --git a/crypto/ui/ui_openssl.c b/crypto/ui/ui_openssl.c index ef930bf247..06270f09cd 100644 --- a/crypto/ui/ui_openssl.c +++ b/crypto/ui/ui_openssl.c @@ -297,7 +297,7 @@ static int is_a_tty; /* Declare static functions */ #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) -static void read_till_nl(FILE *); +static int read_till_nl(FILE *); static void recsig(int); static void pushsig(void); static void popsig(void); @@ -390,14 +390,16 @@ static int read_string(UI *ui, UI_STRING *uis) #if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE) /* Internal functions to read a string without echoing */ -static void read_till_nl(FILE *in) +static int read_till_nl(FILE *in) { #define SIZE 4 char buf[SIZE+1]; do { - fgets(buf,SIZE,in); + if (!fgets(buf,SIZE,in)) + return 0; } while (strchr(buf,'\n') == NULL); + return 1; } static volatile sig_atomic_t intr_signal; @@ -445,7 +447,8 @@ static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl) *p='\0'; } else - read_till_nl(tty_in); + if (!read_till_nl(tty_in)) + goto error; if (UI_set_result(ui, uis, result) >= 0) ok=1; diff --git a/fips/fipsld b/fips/fipsld index c71d4d95a5..461f1effdd 100755 --- a/fips/fipsld +++ b/fips/fipsld @@ -118,11 +118,14 @@ lib*|*.dll) # must be linking a shared lib... # generate signature... SIG=`"${THERE}/fips/fips_premain_dso" "${TARGET}"` +echo $TARGET: $SIG >>/tmp/fipsld.log +incore $TARGET >>/tmp/fipsld.log 2>&1 /bin/rm -f "${TARGET}" if [ -z "${SIG}" ]; then echo "unable to collect signature"; exit 1 fi + # recompile with signature... ${CC} ${CANISTER_O_CMD:+"${CANISTER_O_CMD}"} \ -DHMAC_SHA1_SIG=\"${SIG}\" "${PREMAIN_C}" \ @@ -157,6 +160,8 @@ lib*|*.dll) # must be linking a shared lib... # generate signature... SIG=`"${TARGET}"` +echo $TARGET: $SIG >>/tmp/fipsld.log +incore $TARGET >>/tmp/fipsld.log 2>&1 /bin/rm -f "${TARGET}" if [ -z "${SIG}" ]; then echo "unable to collect signature"; exit 1 -- 2.25.1